J2EE Misconfiguration: Unsafe Bean Declaration

Revision as of 15:49, 2 November 2008 by KirstenS (Talk | contribs)

Jump to: navigation, search

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.

This article includes content generously donated to OWASP by Fortify.JPG.

ASDR Table of Contents

Last revision (mm/dd/yy): 11/2/2008


Entity beans that expose a remote interface become part of an application's attack surface. For performance reasons, an application should rarely uses remote entity beans, so there is a good chance that a remote entity bean declaration is an error.

Risk Factors

  • Talk about the factors that make this vulnerability likely or unlikely to actually happen
  • Discuss the technical impact of a successful exploit of this vulnerability
  • Consider the likely [business impacts] of a successful attack



Related Attacks

Related Vulnerabilities

Related Controls

Related Technical Impacts